What We Do
How we do it
Resources
SECURITY ADVISORIES
May 11, 2022
CVE-2022-26923 - Active Directory Domain Services Elevation of Privilege Vulnerability
THE THREAT Microsoft has disclosed a new vulnerability impacting Active Directory Certificate Services (ADCS) tracked as CVE-2022-26923 (Active Directory Domain Services Elevation of Privilege Vulnerability). If exploited successfully, an authenticated attacker can escalate privileges in environments where ADCS is running on the domain. eSentire is aware of technical details and tooling [2] for…
Read More
View all Advisories →
Company
ABOUT ESENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1200+ organizations in 75+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
LATEST PRESS RELEASE
May 17, 2022
Cybersecurity Leader eSentire Continues Its Commitment to Rigorous Security Standards Earning PCI DSS Certification
Waterloo, ON, May 17, 2022 — eSentire, the Authority in Managed Detection and Response (MDR), maintains one of the most secure and robust IT environments of any MDR provider in the industry. To that end, eSentire today announced that it has received the Payment Card Industry Data Security Standard (PCI DSS) certification, considered one of the most stringent and comprehensive payment card…
Read More
Partners
PARTNER PROGRAM
e3 Ecosystem
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Learn more
ECOSYSTEM PARTNER RESOURCES
Apply to become an e3 ecosystem partner with eSentire, the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Search
Resources
Blog — Feb 03, 2015

Preparing for the cybersecurity paradigm shift

Speak With A Security Expert Now

At eSentire, we take our business seriously. We’re passionate about the work that we do and acknowledge the unique risks that clients specifically operating in the financial space face on a daily basis. To gain recognition for the work that we do in any capacity is icing on the cake.

Thus, we’re honored to have received the Best Security Solution and Most Innovative Technology Solution awards at this week’s HFM US Technology Awards gala!

And while we’re grateful for moments like this, we recognize that our work is far from over. The frequency and complexity that we see with cyber attacks today is only going to continue to grow. Organizations operating in the financial space in particular have felt increasing pressure with the introduction of a 28-point cyber review questionnaire and looming U.S. Securities and Exchange Commission’s (SEC) Office of Compliance, Inspections and Examinations (OCIE) testing.

Several months ago the SEC launched the first round of cyber reviews, targeting 100+ firms as part of an initial fact-finding mission. The feedback gathered in this stage was meant to provide a snapshot of the industry’s overall cybersecurity posture while providing context for upcoming industry-wide examinations.

The original timeline detailed by the SEC suggested that industry-wide examinations would launch in September of 2014. It was expected that the results of the cyber reviews would provide a glimpse into what the exams would bring.

Just last week, HFMWeek Online reported exclusively that after months of speculation, the SEC is ready to announce next steps. The first of which will focus on independent testing, which is expected to be more thorough than that experienced with the 28-point questionnaire. OCIE Director Drew Bowden suggested that while the information collected through the 28-point questionnaire was informative, it in no way declared the preparedness of the industry.

If anything, the SEC’s initiative has spurred a radical shift in thinking. The OCIE expects that a summary of its questionnaire findings may be released sometime in March. In the meantime, plans are also underway to expand testing abroad (Europe, the UK and Asia).

The after-effects of last year’s record-breaking breaches continue to permeate the industry. Firms of all scale and scope recognize the very real risk of threats today. The SEC is just one regulatory association taking action to protect the national economy, and global assets. At eSentire, we recognize that education and preparation are fundamental steps in maintaining a sturdy cybersecurity posture. Taking a proactive stance can help firms protect their assets while preparing for any regulatory ask that might come their way.

In the spirit of planning, we’ve issued incident response and information security policy guidance framework documents. The checklist-style documents, available at no charge, provide an actionable framework for responding to and managing a proactive cybersecurity defense posture. Both documents have been released under a Creative Commons license (Creative Commons Attribution Non-Commercial (by-nc). Resources like these framework documents are a critical tool that firms can employ to build out fundamental cybersecurity plans and considerations. At eSentire we live by the adage that an ounce of prevention is worth a pound of cure. Last year’s radical paradigm shift exemplifies that point.

View Most Recent Blogs
Eldon Sprickerhoff
Eldon Sprickerhoff Founder and Chief Innovation Officer
In founding eSentire, Eldon Sprickerhoff responded to the incipient yet rapidly growing demand for a more proactive approach to preventing and investigating information security breaches. Now with over twenty years of tactical experience, he is acknowledged as a subject matter expert in information security analysis.